2009/8/6 Francisco Martínez Díaz <[email protected]> > Hello, > > I am attempting to authenticate users to our AD. The SGD server is a > solaris10, his dns name is coron10.ha.inat > The Active Directory server is a windows 2003 server, his dns name is > flecha.ha.inat and the domain name is ttaprueba. > > I synchronice the clock between the client and server bye NTP, > > I configure the krb5.conf in coron10 like this: > > *# cat krb5.conf* > > *[libdefaults]* > *default_realm = TTAPRUEBA* > *default_etypes = des-cbc-crc* > *default_tkt_enctypes = des-cbc-crc* > *default_tgs_enctypes = des-cbc-crc* > *permitted_enctypes = des-cbc-crc* > *dns_lookup_realm = true* > *dns_lookup_kdc = true* > *default_checksum = rsa-md5* > *[realms]* > *TTAPRUEBA = {* > *kdc = flecha.ttaprueba* > *}* > *[domain_realm]+* > *.ha.inat = TTAPRUEBA* > *ha.inat = TTAPRUEBA* > *[logging]* > *default = FILE:/var/krb5/kdc.log* > *kdc = FILE:/var/krb5/kdc.log* > > > > I create a user account for the service with the ktpass.exe like: > > *tarantella/coron10.ha.i...@ttaprueba* > > I create a account for the client host with the ktpass.exe like: > > *host/coron10.ha.i...@ttaprueba* > > > I can´t obtain a kerberos ticket via kinit. > > *# kinit host/coron10.ha.i...@ttaprueba* > *kinit(v5): Cannot resolve network address for KDC in realm ttaprueba > while getting initial credentials* >
What's the result for nslookup (or host) for your KDC, flecha.ttaprueba? It should probably be flecha.ha.inat > > In the administration console, I set the url, username, password, > > When I click next, I receive the following error: > > *javax.naming.AuthenticationException [Root exception is > com.tarantella.tta.webservices.TTAException]* > > I can't seem to locate any log files indicating what the error is. Where > can I look? > > _______________________________________________ > SGD-Users mailing list > [email protected] > http://www.filibeto.org/mailman/listinfo/sgd-users > >
_______________________________________________ SGD-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sgd-users
